<?php
/*

Copyright 2009 Matthew C. Dettinger

This program is free software: you can redistribute it and/or modify 
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.

*/

function dao_user_add_new_user($config, $email) {
	$link = c_establish_db_conn($config);
	
	//check to see that the name handed is in valid form
	if(!$regex_status = eregi("^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$", $email)) {
		$msg = "User email must be in valid format!";
		c_announce_user_error($msg);
	}
	
	//check to see if user name is already in database
	$query = "SELECT * FROM user WHERE email = '$email'";
	$result = mysqli_query($link, $query);
	if(mysqli_num_rows($result) != 0) {
		// this is already in the db
		$msg = "User email is not available at this time.";
		c_announce_user_error($msg);
	}
	
	// generate uuid for new entry
	$uuid = c_generate_uuid();
	$query = "INSERT INTO user VALUES('$uuid', '$email')";
	mysqli_query($link, $query);

	return $uuid;
}

function dao_user_authenticate($config, $email) {
	$link = c_establish_db_conn($config);
	
	//check to see that the name handed is in valid form
	if(!$regex_status = eregi("^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$", $email)) {
		$msg = "User email must be in valid format!";
		c_announce_user_error($msg);
	}
	
	//check to see if auth is valid
	$query = "SELECT * FROM user WHERE email = '$email'";
	$result = mysqli_query($link, $query);
	if(mysqli_num_rows($result) == 0) {
		// invalid user
		$msg = "Invalid authentication!";
		c_announce_user_error($msg);
	}
	
	while ($row = mysqli_fetch_assoc($result)) {
		$user_uuid = $row[uuid];
		$_SESSION[user_uuid] = $user_uuid;
	}
	return $user_uuid;
}



?>